I’m excited to showcase the new features in the most recent vRealize Log Insight Cloud update! This update delivers enhancements to ease of use and flexibility along with a customizable home page.
Log management is a key part of operationalizing a wide range of solutions. Log Insight not only enables customers to quickly troubleshoot issues and bring them to resolution; it provides organizations with tools to proactively get notifications before something goes sideways. It’s also a key part of monitoring for audit and compliance purposes.
The enhanced vRealize Log Insight Could interface offers intuitive navigation and out of the box integration with VMC on AWS, native AWS, Kubernetes, and much more. Through the use of content packs, you have out of the box insight about specific types of events via pre-defined dashboards, queries, and alerts for a given application.
You can quickly search through massive amounts of log data and filter messages. You can set variable retention based on log type allowing you to retain, or archive messages based on company policy. You can also tag, filter, and mask logs.
AWS Log Sources
There are 35 AWS log sources including applications such as CloudTrail, CodeDeploy, and SQS.
The configuration steps for log sources are provided within the Log Insight Cloud User Interface.
Once the logging configuration is complete you can verify log flow to the environment by selecting the Logs tab under Log Sources.
vRealize Log Insight Cloud includes out of the box Dashboards for AWS services including DynamoDB, Kinesis, S3, SNS, SQS, and EKS.
The log messages already include the field definitions in the log stream to assist with log filtering and alerting. Indexed fields are created based on intelligent grouping algorithms applied to messages that are ingested. Content fields are defined as part of content packs that are enabled. Administrators can also extract custom field definitions.
One-Click Field Extraction
As I mentioned, vRealize Log Insight Cloud includes a number of extracted fields based on log sources and content packs. The one-click extract field option populates all context values that correspond to the field that you select in a log event in a case where you want to assign values to log data that is not already extracted.
Review extracted field regex values that were automatically defined.
Home Page Customization
Log Insight Cloud has a customizable home page using drag and drop functionality to add additional widgets to the canvas.
Log Volume Trends – Used to detect a sudden increase or decrease in volume either due to proxy failure or configuration issues with log sources.
Error or Exception Events – When issues are experienced on a device, the number of error or exception events typically increases. If a spike of error messages is detected, this may indicate a problem within the environment.
Log Statistics – MBs ingested per second.
Event Trends – Provides increasing or decreasing percentages per each event type.
Event Types – Count of records per event type.
SDDC Source Breakdown – count of logs from each SDDC in VMC on AWS.
Log Source Breakdown – count of logs coming from each ingestion source.
ESX Audit Events – audit events from ESX hosts
Recent Alerts – List of enabled alerts triggered during a selected time window.
Recent System Alerts – System alerts triggered during selected time window
Favorite Dashboards – Dashboards favorited by current user
Favorite Queries – Queries favorited by current user.
In addition to the customizable home page, you can also set any of your dashboards as the landing page for the portal when you first sign in.
vRealize Log Insight Cloud provides the interface for creating dashboards with drag and drop functionality. Add your most frequently used queries and alerts to your dashboards for quick review. Resize widgets and move them around the canvas as desired.
Dashboard Filtering with Group Actions
The new dashboard management options enable you to quickly tag dashboards for specific service roles, sort dashboards through text filters, by content packs, or author. You can filter by your customized lists or by the number of widgets. Multi-select dashboards to bulk add to list, add or remove tags, or delete them. You can manage thousands of dashboards using filtering.
Audit Events for VMware Cloud
Access all of your VMC audit events including Activity Overview, Alarms, Clusters, Datastores, DRS, Hosts, NSX-T Events, Resource Pools, Roles and Permissions, Users and Virtual Machines. You can quickly access log data from a dashboard query.
Navigating to Log Data from Dashboards
Review detailed log queries represented in dashboards widgets.
Comprehensive Overview Dashboard
Review events by type and hostname. Review unique instances of event types occurring in your environment.
Quickly disable alerts while troubleshooting a known issue or for scheduled maintenance.
Modify chart types, including new options for Event Streams and Event Trends.
vRealize Log Insight Cloud provides out of the box content to manage your environment and expand visibility to include on-premises, private, hybrid, VMC on AWS and native AWS clouds using centralized, high-performance log analysis.
For more information, please register for our VMworld session “HCP1727 – vRealize Log Insight Cloud for VMware Cloud and Beyond” or visit our website and sign up for our free trial!